The API Key allows external applications to authenticate and call Alohub's APIs. Each API Key is associated with a tenant account and can limit access scopes as needed.
Note: The API Key is only displayed once after creation. Please copy and store it in a safe place immediately. If the key is lost, you need to regenerate a new key.
From the left menu, select Integration → API Keys . The API Keys management page will display a list of created keys.
Click the Create new API Key button in the upper right corner. A dialog will open with the required information fields.
Field | Required | Description |
|---|---|---|
API Key Name | Yes | Name it to identify its purpose. For example: "CRM Integration", "HubSpot Sync" |
Access Scopes | Yes | Select at least 1 scope. Tick the checkboxes corresponding to the permissions needed (see the Scopes table below) |
Duration | No | Select the validity period: Unlimited , 30 days , 90 days , or 1 year |
Click the Create API Key button to complete. The system will display a dialog containing the value of the newly created API Key.
The dialog that appears will contain the full value of the API Key. Click the Copy button to copy the key to the clipboard, then store it in a safe place (environment variable, vault, password manager).
Warning: This key will not be displayed again after you close the dialog. If you close it without copying, you will need to regenerate a new key.
After saving the key, click Saved, close to complete.
Scope | Description |
|---|---|
| Access to call API, recording, agent status |
| Manage autocall campaigns, SMS |
| Read/write customer contacts, leads |
| Access reports and statistics |
After successful creation, the API Key will appear in the list table with the following information:
Name — the name you set during creation
API Key — the masked key value, with a copy button for quick copying
Scopes — the granted scopes, displayed as colored tags
Status — Active (green) or Inactive
Creation Date — the time the key was created
Last Used — the time the API was last called using this key
Click the ⋮ (menu) icon at the end of each row to access actions: Regenerate key or Revoke key. Create API Key via API
/api/v1.0/integration/api-keysHeaders
Type | Required | Description | string |
|---|---|---|---|
| Yes | Authentication token. Format: | string |
| Yes | Body Parameters |
|
Type | Required | Description | string |
|---|---|---|---|
| Yes | Identifier name for the API Key (e.g., "CRM Integration Key") | string[] |
| Yes | List of access scopes. Valid values: | , |
| No | Number of days the key is valid. Suggested values: | , |
curl -X POST "{{protocol}}://{{host}}:{{port}}/api/v1.0/integration/api-keys" \
-H "Authorization: Bearer {{token}}" \
-H "Content-Type: application/json" \
-d '{
"name": "Key tích hợp CRM",
"scopes": ["callcenter", "contacts"],
"expiresInDays": 90
}'const axios = require('axios')
const response = await axios.post(
'{{protocol}}://{{host}}:{{port}}/api/v1.0/integration/api-keys',
{
name: 'Key tích hợp CRM',
scopes: ['callcenter', 'contacts'],
expiresInDays: 90
},
{
headers: {
'Authorization': 'Bearer {{token}}',
'Content-Type': 'application/json'
}
}
)
// Lưu ý: key chỉ trả về 1 lần duy nhất — lưu ngay
console.log('API Key:', response.data.key)import requests
url = '{{protocol}}://{{host}}:{{port}}/api/v1.0/integration/api-keys'
headers = {
'Authorization': 'Bearer {{token}}',
'Content-Type': 'application/json'
}
payload = {
'name': 'Key tích hợp CRM',
'scopes': ['callcenter', 'contacts'],
'expiresInDays': 90
}
response = requests.post(url, json=payload, headers=headers)
# Lưu ý: key chỉ trả về 1 lần duy nhất — lưu ngay
data = response.json()
print('API Key:', data['key'])Response Description 200 OK
{
"id": "key_abc123def456",
"name": "Key tích hợp CRM",
"key": "alo_k_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"scopes": ["callcenter", "contacts"],
"createdAt": "2026-04-07T10:30:00.000Z"
}Type | Description | string |
|---|---|---|
| Unique identifier ID of the API Key | string |
| Name of the API Key set | string |
| Full API Key value — | returned only once string[] |
| List of granted scopes | string |
| Creation time (ISO 8601) | Common Errors |
Cause | How to handle | Missing |
|---|---|---|
| or | Invalid or expired token |
| Retrieve a new authentication token | Account does not have permission to create API Key |
| Contact Alohub | for permission API Key name already exists |
| Rename to a different key or delete the old key with the same name | Security: |
Do not share the API Key via email, chat, or store it in source code. Use environment variables to manage the key in your application. Không chia sẻ API Key qua email, chat hoặc lưu trong source code. Sử dụng biến môi trường (environment variables) để quản lý key trong ứng dụng của bạn.